[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-bugs] #33529 [Webpages/Support]: Improve verifying signatures instructions
#33529: Improve verifying signatures instructions
-------------------------+----------------------------------
Reporter: PROTechThor | Owner: hiro
Type: enhancement | Status: new
Priority: Medium | Component: Webpages/Support
Version: | Severity: Normal
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------+----------------------------------
The instructions on verifying signatures at
https://support.torproject.org/tbb/how-to-verify-signature/ should be
clearer and more concise.
A frontdesk email reads:
"In order to verify the integrity of the Tor browser installation file,
you recommend downloading GPG4win, but then your instructions for Windows
say to use a command line command that is not included with that package,
and there are no instructions on how to use the GUI to verify the package
(or which GUI to use, since there are at least two included in GPG4win).
https://support.torproject.org/tbb/how-to-verify-signature/
Trying to import the asc file into Kleopatra or the GNU Privacy Assistant
results in a message saying that 0 certificates were imported, or no keys
were found.
What's more, there is a confusing reference to the " Tor Browser
Developers signing key (0xEF6E286DDA85EA2A4BA7DE684E2C6E8793298290)". Is
this the key I'm supposed to be using for verification? This doesn't
appear to be a PGP public key.
There's also a statement that suggests that the PGP public key file is
automatically downloaded with the installation package, but it's not.
"Each file on our download page is accompanied by a file with the same
name as the package and the extension ".asc"." The download page does
not show file names, and using the download link on the download page
only downloads the exe file."
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/33529>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs